Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  
  • Email Subscription

  • About Us


    Archive for the ‘Mac’ Category




    A critical Mac vulnerability was discovered by OS X security researcher Pedro Vilaca last week. According to his research, any attacker can disable the BIOS lock just by taking advantage of a flaw in Apple’s S3 sleep state (more known as 'standby mode') suspend-resume implementation. Once an attacker does this, he can install bootkit malware onto a Mac BIOS without the user’s knowledge. This is can be a major issue for Mac owners since the vulnerability gives attackers unfettered access to their device. Since a bootkit ...

    Posted in Mac, Malware |


    Nov10
    3:10 am (UTC-7)   |    by

    In an earlier blog post, we tackled what Wirelurker malware is and its security implications and risks for iOS and OSX devices.  Within hours of the discovery of this malware, a Windows-based malware (detected as TROJ_WIRELURK.A) that performs the same attack was also seen in the wild. In this blog post, we’d like to share practices and recommendations for users and enterprises in order secure their devices from this threat. The following are some simple steps for users to check whether their ...




    Since the discovery of Shellshock, Trend Micro has continuously monitored the threat landscape for any attacks that may leverage these vulnerabilities. So far, we have identified an active IRC bot, exploit attempts in Brazil and China, botnet attacks, and a wide variety of malware payloads such as ELF_BASHLITE.A, ELF_BASHLET.A, and PERL_SHELLBOT.WZ among others.  It is reported that other vulnerable protocols like HTTP, SMTP, SSH, and FTP are also affected by Shellshock. We found that one of the payloads of Bash vulnerabilities, which we ...

    Posted in Exploits, Mac, Malware, Vulnerabilities | Comments Off on Shellshock Vulnerability Downloads KAITEN Source Code


    Jun5
    10:17 am (UTC-7)   |    by

    The many announcements at Apple's 2014 Worldwide Developers Conference (WWDC) this week was welcome news to the throngs of Apple developers and enthusiasts. It was also welcome news for another group of people with less than clean motives: cybercriminals. Last week we got a concrete example of how some cybercriminals are now actively targeting Apple ID accounts. A thread in the Apple support forums was filled with users complaining that their devices had been locked, with a message from a certain "Oleg Pliss" demanding $100 to unlock ...

    Posted in Mac | Comments Off on Hacking Apple ID?



    Recently, it was announced that such well-known names in the tech industry such as Facebook, Twitter, Microsoft, and Apple had all been affected by a watering hole attack. Employees at all of these affected firms had visited a popular iOS developer forum, which was compromised to serve a then-unknown Java exploit to its users. Unsurprisingly, Java has received the brunt of the blame for this incident. One headline story from The Verge even called for Java to "go away". Similar thoughts ...

    Posted in Mac, Targeted Attacks | Comments Off on Barking Up The Wrong Tree


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice